lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20220225234339.2386398-1-haoluo@google.com>
Date:   Fri, 25 Feb 2022 15:43:30 -0800
From:   Hao Luo <haoluo@...gle.com>
To:     Alexei Starovoitov <ast@...nel.org>,
        Andrii Nakryiko <andrii@...nel.org>,
        Daniel Borkmann <daniel@...earbox.net>
Cc:     Martin KaFai Lau <kafai@...com>, Song Liu <songliubraving@...com>,
        Yonghong Song <yhs@...com>, KP Singh <kpsingh@...nel.org>,
        Shakeel Butt <shakeelb@...gle.com>,
        Joe Burton <jevburton.kernel@...il.com>,
        Tejun Heo <tj@...nel.org>, joshdon@...gle.com, sdf@...gle.com,
        bpf@...r.kernel.org, linux-kernel@...r.kernel.org,
        Hao Luo <haoluo@...gle.com>
Subject: [PATCH bpf-next v1 0/9] Extend cgroup interface with bpf

This patchset provides a bpf solution for monitoring cgroup activities
and exporting cgroup states in an organized way in bpffs. It introduces
the following features:

 1. sleepable tracepoints and sleepable tracing programs.
 2. a set of bpf helpers for creating and deleting files and
    directories in bpffs.
 3. a new iter prog, parameterizable by cgroup ids, to print cgroup
    state.

Sleepable tracepoints and tracing progs allow us to run bpf progs when
a new cgroup is created or an existing cgroup is removed. The set of
filesystem helpers allows sleepable tracing progs to set up directories
in bpffs for each cgroup. The progs can also pin and unlink bpf objects
from these bpffs directories. The new iter prog can be used to export
cgroup states. Using this set of additions, we are creating an extension
to the current cgroup interface to export per-cgroup stats.

See the selftest added in patch 09/09, test_cgroup_stats, as a full
example on how it can be done. The test develops a custom metric
measuring per-cgroup scheduling latencies and exports it via cgroup
iters, which are pinned by sleepable tracing progs attaching at cgroup
tracepoints.

Not only for per-cgroup stats, the same approach can be used for other
states such as task_vma iter and per-bpf-prog state. As an example, we
can write sleepable tracing progs to monitor task fork and exit, and let
the tracing prog to set up directories, parameterize task_vma iter and
pin the iters.

Hao Luo (9):
  bpf: Add mkdir, rmdir, unlink syscalls for prog_bpf_syscall
  bpf: Add BPF_OBJ_PIN and BPF_OBJ_GET in the bpf_sys_bpf helper
  selftests/bpf: tests mkdir, rmdir, unlink and pin in syscall
  bpf: Introduce sleepable tracepoints
  cgroup: Sleepable cgroup tracepoints.
  libbpf: Add sleepable tp_btf
  bpf: Lift permission check in __sys_bpf when called from kernel.
  bpf: Introduce cgroup iter
  selftests/bpf: Tests using sleepable tracepoints to monitor cgroup
    events

 include/linux/bpf.h                           |  16 +-
 include/linux/tracepoint-defs.h               |   1 +
 include/trace/bpf_probe.h                     |  22 +-
 include/trace/events/cgroup.h                 |  45 ++++
 include/uapi/linux/bpf.h                      |  32 +++
 kernel/bpf/Makefile                           |   2 +-
 kernel/bpf/cgroup_iter.c                      | 141 +++++++++++
 kernel/bpf/inode.c                            |  33 ++-
 kernel/bpf/syscall.c                          | 237 ++++++++++++++++--
 kernel/cgroup/cgroup.c                        |   5 +
 kernel/trace/bpf_trace.c                      |   5 +
 tools/include/uapi/linux/bpf.h                |  32 +++
 tools/lib/bpf/libbpf.c                        |   1 +
 .../selftests/bpf/prog_tests/syscall.c        |  67 ++++-
 .../bpf/prog_tests/test_cgroup_stats.c        | 187 ++++++++++++++
 tools/testing/selftests/bpf/progs/bpf_iter.h  |   7 +
 .../selftests/bpf/progs/cgroup_monitor.c      |  78 ++++++
 .../selftests/bpf/progs/cgroup_sched_lat.c    | 232 +++++++++++++++++
 .../testing/selftests/bpf/progs/syscall_fs.c  |  69 +++++
 19 files changed, 1175 insertions(+), 37 deletions(-)
 create mode 100644 kernel/bpf/cgroup_iter.c
 create mode 100644 tools/testing/selftests/bpf/prog_tests/test_cgroup_stats.c
 create mode 100644 tools/testing/selftests/bpf/progs/cgroup_monitor.c
 create mode 100644 tools/testing/selftests/bpf/progs/cgroup_sched_lat.c
 create mode 100644 tools/testing/selftests/bpf/progs/syscall_fs.c

-- 
2.35.1.574.g5d30c73bfb-goog

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ